US11621833B2ActiveUtilityA1

Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system

97
Assignee: NCHAIN LICENSING AGPriority: Feb 23, 2016Filed: May 15, 2020Granted: Apr 4, 2023
Est. expiryFeb 23, 2036(~9.6 yrs left)· nominal 20-yr term from priority
G06Q 2220/00G06Q 20/38H04L 2209/56G06Q 20/36G06Q 20/3829H04L 9/3066G06Q 20/3678G06Q 20/389H04L 9/3242H04L 9/0861H04L 9/0894H04L 9/3247H04L 9/3252H04L 9/08H04L 9/0825H04L 9/085H04L 63/0442H04L 9/32H04L 9/0841H04L 9/0838
97
PatentIndex Score
4
Cited by
602
References
6
Claims

Abstract

A solution for controlling access to a resource such as a digital wallet implemented using a blockchain. Use of the invention during set-up of the wallet can enable subsequent operations to be handled in a secure manner over an insecure channel. An example method comprises splitting a verification element into multiple shares; determining a common secret at multiple nodes in a network; and using the common secret to transmit a share of the verification element between nodes. The shares can be split such that no share is sufficient to determine the verification element and can be stored at separate locations. Upon share unavailability, the share can be retrieved a location accessibility. For safe transmission of the share(s), the common secret is generated at two different nodes independently and used to generate an encryption key for encrypting at least one share of the verification element to be transmitted securely.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A computer-implemented method, comprising:
 determining a common secret at a first node in a network based, at least in part, on a first node private key of the first node and a second node public key of a second node in the network; 
 using the common secret to transmit at least one share of a verification element that has been split into at least three shares to the second node to enable the second node to use the at least one share of the verification element to compute the verification element, wherein the verification element is usable to control access to a digital wallet associated with a user; and 
 storing the at least three shares of the verification element at different locations relative to each other, wherein a first share of the at least three shares is stored in or on a back-up or safe-storage facility that is separate, independent, and/or distinct from the locations in which other shares of the at least three shares are stored, and wherein the back-up or safe-storage facility is, or is operated by, a party that is independent of at least the first node and the user, and that accepts responsibility for storing the share and supplying it upon request, and wherein a second share of the at least three shares is stored at a user device associated with the user and the digital wallet. 
 
     
     
       2. The method of  claim 1 , wherein the verification element comprises:
 a representation of a cryptographic key different from the cryptographic key; or 
 one or more elements that may be used to obtain the cryptographic key. 
 
     
     
       3. The method of  claim 1 , wherein using the common secret to transmit the at least one share of the verification element comprises:
 using the common secret to generate an encryption key; and 
 transmitting the at least one share of the verification element in an encrypted format using the encryption key. 
 
     
     
       4. The method of  claim 1 , wherein the verification element is a cryptographic key. 
     
     
       5. The method of  claim 1 , further comprising:
 splitting the verification element into the plurality of shares such that the verification element can be restored or regenerated from two or more shares of the plurality of shares, wherein no individual share of the plurality of shares is sufficient to restore or regenerate the verification element. 
 
     
     
       6. The method of  claim 5 , wherein Shamir's Secret Sharing Scheme is utilized as part of splitting the verification element into the plurality of shares.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.